In accordance with Data Protection legislation, including General Data Protection Regulations (GDPR), we are advising you that any personal and/or sensitive data requested from you will be stored securely and will only be used in order to manage the contract of business, including insurance requirements, we are arranging for you where we have a legal obligation in handling your data. We may also have a legitimate interest in handling your data when dealing with third parties, such as your insurers. This information will only be made available to third parties, such as insurers or their claims handling agents, in order to further manage and service your insurance policy.

We will retain your information for a period of time which is necessary to ensure no further liability, such as any insurance claims, exists. This period will normally be 7 years from expiry of the policy but may be extended for certain types of business.

The types of data vary but typically include name, address, email address, telephone number and date of birth. Other details may be needed depending on the type of insurance required.

For certain types of business we may require sensitive information from you in order to arrange your insurance requirements or service any claims, for example, medical records, which may involve passing such information to insurers or their claims handling agents. We are permitted to process this type of information without your consent, under the “insurance purposes ground” of the Data Protection Act 2018.

Because of the GDPR, countries within the European Economic Area (EEA) have a high standard of data protection law, therefore any personal data Costero sends to third parties in the EEA will be adequately protected. In other parts of the world, the same level of legal protection may not be afforded to Personal Data, therefore if Costero does send Personal Data outside of the UK & EEA, we make sure suitable safeguards in are in place in accordance with UK & European Data Protection Laws. These safeguards include, sending personal data to countries which are covered by an “Adequacy Decision” or putting in place Standard Contract Clauses with the recipient of the personal data.

From time to time Costero may share share your Personal Data with other Group Companies to the extent that is necessary to facilitate the effective administration and operation of insurance services that we provide to you. When these Group companies are located outside of the UK & EEA, which will ensure that Standard Contractual Clauses are in place, to adequately protect your personal data. Your Insurers and/or their third party agents may pass data outside of the EU and, where applicable, we will seek their confirmation that this is adequately protected.

Subject to certain contractual or legal restrictions including our ability to administer your policy, you have the right to:-
• See a copy of the personal information we hold about you, free of charge
• Ask us to delete any of your personal data where there is no legitimate reason for continuing to hold it.
• Have any inaccurate or misleading data corrected or deleted
• Restrict the processing of your data
• Lodge a complaint with the Information Commissioners Office if you are unhappy with the manner in which we store or handle your data. This can be done online at: Additionally, they can be called on: 0303 123 1113.

If you provide data to us about other people you must provide this notice to them before you pass their data to us. You must obtain their consent if this includes sensitive data such as health or criminal record data.

If at any time you wish to know what information we hold on you, or have any queries relating to the above, please contact our director responsible for Data

Protection issues at:
Telephone: 0044 (0) 20 8051 5100

Or write to:
Costero Brokers Ltd
9th Floor, The Northern & Shell Building,
10 Lower Thames Street, London, EC3R 6EN